upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-20 22:00:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 39

feat(oauth): Allow to skip the grant step for selected applications

Browse source 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This commit is contained in:
Côme Chilliet 2024-12-05 15:00:46 +01:00 committed by Côme Chilliet
parent b64b106c13
commit 9b366c65d4
1 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
core/Controller/ClientFlowLoginController.php
View file

@ -26,6 +26,7 @@ use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\Exceptions\InvalidTokenException;
use OCP\Defaults;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IAppConfig;
use OCP\IL10N;
use OCP\IRequest;
use OCP\ISession;
@ -55,6 +56,7 @@ class ClientFlowLoginController extends Controller {
private ICrypto $crypto,
private IEventDispatcher $eventDispatcher,
private ITimeFactory $timeFactory,
private IAppConfig $appConfig,
) {
parent::__construct($appName, $request);
}
@ -157,9 +159,11 @@ class ClientFlowLoginController extends Controller {
#[NoCSRFRequired]
#[UseSession]
#[FrontpageRoute(verb: 'GET', url: '/login/flow/grant')]
public function grantPage(string $stateToken = '',
public function grantPage(
string $stateToken = '',
string $clientIdentifier = '',
int $direct = 0): StandaloneTemplateResponse {
int $direct = 0,
): Response {
if (!$this->isValidToken($stateToken)) {
return $this->stateTokenForbiddenResponse();
}
@ -181,6 +185,10 @@ class ClientFlowLoginController extends Controller {
/** @var IUser $user */
$user = $this->userSession->getUser();
if (in_array($clientName, $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []))) {
return $this->generateAppPassword($stateToken, $clientIdentifier);
}
$response = new StandaloneTemplateResponse(
$this->appName,
'loginflow/grant',
@ -203,14 +211,13 @@ class ClientFlowLoginController extends Controller {
return $response;
}
/**
* @return Http\RedirectResponse|Response
*/
#[NoAdminRequired]
#[UseSession]
#[FrontpageRoute(verb: 'POST', url: '/login/flow')]
public function generateAppPassword(string $stateToken,
string $clientIdentifier = '') {
public function generateAppPassword(
string $stateToken,
string $clientIdentifier = '',
): Response {
if (!$this->isValidToken($stateToken)) {
$this->session->remove(self::STATE_NAME);
return $this->stateTokenForbiddenResponse();